Fedora 17 updates-testing report

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The following Fedora 17 Security updates need testing:
 Age  URL
 266  https://admin.fedoraproject.org/updates/FEDORA-2012-10269/revelation-0.4.14-1.fc17
  78  https://admin.fedoraproject.org/updates/FEDORA-2013-0455/fedora-business-cards-1-0.1.beta1.fc17
  48  https://admin.fedoraproject.org/updates/FEDORA-2013-2143/rubygem-rdoc-3.12-5.fc17
  44  https://admin.fedoraproject.org/updates/FEDORA-2013-2315/rubygem-rack-1.4.0-4.fc17
  16  https://admin.fedoraproject.org/updates/FEDORA-2013-3673/perl-5.14.4-224.fc17
  13  https://admin.fedoraproject.org/updates/FEDORA-2013-3927/php-5.4.13-1.fc17
   8  https://admin.fedoraproject.org/updates/FEDORA-2013-4063/squid-3.2.9-1.fc17
   7  https://admin.fedoraproject.org/updates/FEDORA-2013-4134/drupal7-views-3.6-1.fc17
   7  https://admin.fedoraproject.org/updates/FEDORA-2013-4130/rubygem-activesupport-3.0.11-9.fc17
   7  https://admin.fedoraproject.org/updates/FEDORA-2013-4199/rubygem-actionpack-3.0.11-9.fc17
   7  https://admin.fedoraproject.org/updates/FEDORA-2013-4174/glibc-2.15-59.fc17
   7  https://admin.fedoraproject.org/updates/FEDORA-2013-4187/puppet-2.7.21-2.fc17
   7  https://admin.fedoraproject.org/updates/FEDORA-2013-4210/gajim-0.15.3-1.fc17
   6  https://admin.fedoraproject.org/updates/FEDORA-2013-4234/stunnel-4.55-1.fc17
   5  https://admin.fedoraproject.org/updates/FEDORA-2013-4335/mantis-1.2.14-1.fc17
   5  https://admin.fedoraproject.org/updates/FEDORA-2013-4296/tomcat6-6.0.36-1.fc17
   3  https://admin.fedoraproject.org/updates/FEDORA-2013-4404/moodle-2.2.9-1.fc17
   2  https://admin.fedoraproject.org/updates/FEDORA-2013-4424/py-bcrypt-0.3-1.fc17
   1  https://admin.fedoraproject.org/updates/FEDORA-2013-4501/libxslt-1.1.28-1.fc17
   0  https://admin.fedoraproject.org/updates/FEDORA-2013-4533/bind-9.9.2-7.P2.fc17
   0  https://admin.fedoraproject.org/updates/FEDORA-2013-4536/roundcubemail-0.8.6-1.fc17
   0  https://admin.fedoraproject.org/updates/FEDORA-2013-4531/mongodb-2.2.3-4.fc17
   0  https://admin.fedoraproject.org/updates/FEDORA-2013-4522/libarchive-3.0.4-3.fc17
   0  https://admin.fedoraproject.org/updates/FEDORA-2013-4516/drupal7-rules-2.3-1.fc17
   0  https://admin.fedoraproject.org/updates/FEDORA-2013-4528/asterisk-10.12.2-1.fc17


The following Fedora 17 Critical Path updates have yet to be approved:
 Age URL
 218  https://admin.fedoraproject.org/updates/FEDORA-2012-12509/PackageKit-0.7.6-1.fc17
  47  https://admin.fedoraproject.org/updates/FEDORA-2013-2163/policycoreutils-2.1.13-27.3.fc17
  26  https://admin.fedoraproject.org/updates/FEDORA-2013-3304/libvpx-1.2.0-1.fc17
   9  https://admin.fedoraproject.org/updates/FEDORA-2013-4037/dnsmasq-2.65-5.fc17
   8  https://admin.fedoraproject.org/updates/FEDORA-2013-4066/xulrunner-19.0.2-3.fc17
   7  https://admin.fedoraproject.org/updates/FEDORA-2013-4216/xorg-x11-drv-intel-2.21.5-1.fc17
   7  https://admin.fedoraproject.org/updates/FEDORA-2013-4140/audit-2.2.3-2.fc17
   7  https://admin.fedoraproject.org/updates/FEDORA-2013-4147/docbook-style-xsl-1.78.1-1.fc17
   7  https://admin.fedoraproject.org/updates/FEDORA-2013-4174/glibc-2.15-59.fc17
   5  https://admin.fedoraproject.org/updates/FEDORA-2013-4308/libnotify-0.7.5-5.fc17
   1  https://admin.fedoraproject.org/updates/FEDORA-2013-4501/libxslt-1.1.28-1.fc17
   0  https://admin.fedoraproject.org/updates/FEDORA-2013-4522/libarchive-3.0.4-3.fc17
The following builds have been pushed to Fedora 17 updates-testing

    asterisk-10.12.2-1.fc17
    bind-9.9.2-7.P2.fc17
    drupal7-mediawiki_api-1.0-0.7.beta2.fc17
    drupal7-rules-2.3-1.fc17
    drupal7-theme-adaptivetheme-3.1-1.fc17
    httpie-0.4.1-2.fc17
    kscreen-0.0.81-1.fc17
    libarchive-3.0.4-3.fc17
    libkscreen-0.0.81-1.fc17
    mesa-demos-8.1.0-3.fc17
    mongodb-2.2.3-4.fc17
    privoxy-3.0.21-2.fc17
    python-moksha-hub-1.2.0-1.fc17
    python-txzmq-0.6.1-5.fc17
    qpid-proton-0.4-2.fc17
    roundcubemail-0.8.6-1.fc17
    rubygem-nokogiri-1.5.9-1.fc17
    tzdata-2013b-2.fc17
    valyriatear-0.5.0-4.fc17
    xorg-x11-drv-openchrome-0.3.2-1.fc17

Details about builds:


================================================================================
 asterisk-10.12.2-1.fc17 (FEDORA-2013-4528)
 The Open Source PBX
--------------------------------------------------------------------------------
Update Information:

The Asterisk Development Team has announced security releases for Certified
Asterisk 1.8.15 and Asterisk 1.8, 10, and 11. The available security releases
are released as versions 1.8.15-cert2, 1.8.20.2, 10.12.2, 10.12.2-digiumphones,
and 11.2.2.

These releases are available for immediate download at
http://downloads.asterisk.org/pub/telephony/asterisk/releases

The release of these versions resolve the following issues:

* A possible buffer overflow during H.264 format negotiation. The format
  attribute resource for H.264 video performs an unsafe read against a media
  attribute when parsing the SDP.

  This vulnerability only affected Asterisk 11.

* A denial of service exists in Asterisk's HTTP server. AST-2012-014, fixed
  in January of this year, contained a fix for Asterisk's HTTP server for a
  remotely-triggered crash. While the fix prevented the crash from being
  triggered, a denial of service vector still exists with that solution if an
  attacker sends one or more HTTP POST requests with very large Content-Length
  values.

  This vulnerability affects Certified Asterisk 1.8.15, Asterisk 1.8, 10, and 11

* A potential username disclosure exists in the SIP channel driver. When
  authenticating a SIP request with alwaysauthreject enabled, allowguest
  disabled, and autocreatepeer disabled, Asterisk discloses whether a user
  exists for INVITE, SUBSCRIBE, and REGISTER transactions in multiple ways.

  This vulnerability affects Certified Asterisk 1.8.15, Asterisk 1.8, 10, and 11

These issues and their resolutions are described in the security advisories.

For more information about the details of these vulnerabilities, please read
security advisories AST-2013-001, AST-2013-002, and AST-2013-003, which were
released at the same time as this announcement.

For a full list of changes in the current releases, please see the ChangeLogs:

http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.15-cert2
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.20.2
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-10.12.2
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-10.12.2-digiumphones
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.2.2

The security advisories are available at:

 * http://downloads.asterisk.org/pub/security/AST-2013-001.pdf
 * http://downloads.asterisk.org/pub/security/AST-2013-002.pdf
 * http://downloads.asterisk.org/pub/security/AST-2013-003.pdf

--------------------------------------------------------------------------------
ChangeLog:

* Thu Mar 28 2013 Jeffrey Ollie <jeff@xxxxxxxxxx> - 10.12.2-1:
- The Asterisk Development Team has announced security releases for Certified
- Asterisk 1.8.15 and Asterisk 1.8, 10, and 11. The available security releases
- are released as versions 1.8.15-cert2, 1.8.20.2, 10.12.2, 10.12.2-digiumphones,
- and 11.2.2.
-
- These releases are available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk/releases
-
- The release of these versions resolve the following issues:
-
- * A possible buffer overflow during H.264 format negotiation. The format
-   attribute resource for H.264 video performs an unsafe read against a media
-   attribute when parsing the SDP.
-
-   This vulnerability only affected Asterisk 11.
-
- * A denial of service exists in Asterisk's HTTP server. AST-2012-014, fixed
-   in January of this year, contained a fix for Asterisk's HTTP server for a
-   remotely-triggered crash. While the fix prevented the crash from being
-   triggered, a denial of service vector still exists with that solution if an
-   attacker sends one or more HTTP POST requests with very large Content-Length
-   values.
-
-   This vulnerability affects Certified Asterisk 1.8.15, Asterisk 1.8, 10, and 11
-
- * A potential username disclosure exists in the SIP channel driver. When
-   authenticating a SIP request with alwaysauthreject enabled, allowguest
-   disabled, and autocreatepeer disabled, Asterisk discloses whether a user
-   exists for INVITE, SUBSCRIBE, and REGISTER transactions in multiple ways.
-
-   This vulnerability affects Certified Asterisk 1.8.15, Asterisk 1.8, 10, and 11
-
- These issues and their resolutions are described in the security advisories.
-
- For more information about the details of these vulnerabilities, please read
- security advisories AST-2013-001, AST-2013-002, and AST-2013-003, which were
- released at the same time as this announcement.
-
- For a full list of changes in the current releases, please see the ChangeLogs:
-
- http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.15-cert2
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.20.2
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-10.12.2
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-10.12.2-digiumphones
- http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.2.2
-
- The security advisories are available at:
-
-  * http://downloads.asterisk.org/pub/security/AST-2013-001.pdf
-  * http://downloads.asterisk.org/pub/security/AST-2013-002.pdf
-  * http://downloads.asterisk.org/pub/security/AST-2013-003.pdf
-
- The Asterisk Development Team has announced the release of Asterisk 10.12.1.
- This release is available for immediate download at
- http://downloads.asterisk.org/pub/telephony/asterisk
-
- The release of Asterisk 10.12.1 resolves several issues reported by the
- community and would have not been possible without your participation.
- Thank you!
-
- The following are the issues resolved in this release:
-
- * --- Fix astcanary startup problem due to wrong pid value from before
-       daemon call
-   (Closes issue ASTERISK-20947. Reported by Jakob Hirsch)
-
- * --- Update init.d scripts to handle stderr; readd splash screen for
-       remote consoles
-   (Closes issue ASTERISK-20945. Reported by Warren Selby)
-
- * --- Reset RTP timestamp; sequence number on SSRC change
-   (Closes issue ASTERISK-20906. Reported by Eelco Brolman)
-
- For a full list of changes in this release, please see the ChangeLog:
-
- http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-10.12.1
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #928774 - CVE-2013-2686 asterisk: DoS in the HTTP server (AST-2013-002)
        https://bugzilla.redhat.com/show_bug.cgi?id=928774
  [ 2 ] Bug #928777 - CVE-2013-2264 asterisk: Username disclosure in SIP channel driver (AST-2013-003)
        https://bugzilla.redhat.com/show_bug.cgi?id=928777
--------------------------------------------------------------------------------


================================================================================
 bind-9.9.2-7.P2.fc17 (FEDORA-2013-4533)
 The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) server
--------------------------------------------------------------------------------
Update Information:

Bind-dyndb-ldap was updated to upstream version 2.6. Fixed BIND packages contain dns/rrl.h header necessary for building bind-dyndb-ldap. Fixed CVE-2013-2266.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Mar 27 2013 Tomas Hozza <thozza@xxxxxxxxxx> 32:9.9.2-7.P2
- New upstream patch version fixing CVE-2013-2266 (#928032)
* Wed Mar  6 2013 Tomas Hozza <thozza@xxxxxxxxxx> 32:9.9.2-6.P1
- Fix Makefile.in to include header added by rate limiting patch (#918330)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #928027 - CVE-2013-2266 bind: libdns regular expressions excessive resource consumption DoS
        https://bugzilla.redhat.com/show_bug.cgi?id=928027
--------------------------------------------------------------------------------


================================================================================
 drupal7-mediawiki_api-1.0-0.7.beta2.fc17 (FEDORA-2013-4518)
 Provides a MediaWiki syntax to html conversion input filter
--------------------------------------------------------------------------------
Update Information:

New upstream version, http://drupal.org/node/1954400.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Mar 28 2013 Peter Borsa <peter.borsa@xxxxxxxxx> - 1.0-0.7.beta2
- New upstream version.
* Wed Feb 13 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.0-0.6.beta1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Wed Jul 18 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.0-0.5.beta1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #928693 - drupal7-mediawiki_api-1.0-beta2 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=928693
--------------------------------------------------------------------------------


================================================================================
 drupal7-rules-2.3-1.fc17 (FEDORA-2013-4516)
 It allows site administrators to define conditionally executed actions
--------------------------------------------------------------------------------
Update Information:

New upstream version, http://drupal.org/node/1954508 and http://drupal.org/node/1954592.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Mar 28 2013 Peter Borsa <peter.borsa@xxxxxxxxx> - 2.3-1
- New upstream version
* Wed Feb 13 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 2.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #928694 - drupal7-rules-2.3 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=928694
--------------------------------------------------------------------------------


================================================================================
 drupal7-theme-adaptivetheme-3.1-1.fc17 (FEDORA-2013-4557)
 Adaptivetheme is a powerful theme framework
--------------------------------------------------------------------------------
Update Information:

New upstream version, http://drupal.org/node/1761946.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Mar 28 2013 Peter Borsa <peter.borsa@xxxxxxxxx> - 3.1-1
- Updated to 3.1
* Wed Feb 13 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 3.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #928430 - please update package
        https://bugzilla.redhat.com/show_bug.cgi?id=928430
--------------------------------------------------------------------------------


================================================================================
 httpie-0.4.1-2.fc17 (FEDORA-2013-4529)
 A Curl-like tool for humans
--------------------------------------------------------------------------------
Update Information:

Initial Import
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #927457 - Review Request: httpie - A Curl-like tool for humans
        https://bugzilla.redhat.com/show_bug.cgi?id=927457
--------------------------------------------------------------------------------


================================================================================
 kscreen-0.0.81-1.fc17 (FEDORA-2013-4562)
 KDE Display Management software
--------------------------------------------------------------------------------
Update Information:

Update to 0.0.81
--------------------------------------------------------------------------------
ChangeLog:

* Wed Mar 27 2013 Dan Vrátil <dvratil@xxxxxxxxxx> 1:0.0.81-1
- Update to 1:0.0.81-1
--------------------------------------------------------------------------------


================================================================================
 libarchive-3.0.4-3.fc17 (FEDORA-2013-4522)
 A library for handling streaming archive formats
--------------------------------------------------------------------------------
Update Information:

This update fixes CVE-2013-0211 libarchive: read buffer overflow on 64-bit systems
--------------------------------------------------------------------------------
ChangeLog:

* Thu Mar 28 2013 Tomas Bzatek <tbzatek@xxxxxxxxxx> - 3.0.4-3
- Fix CVE-2013-0211: read buffer overflow on 64-bit systems (#927105)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #902998 - CVE-2013-0211 libarchive: read buffer overflow on 64-bit systems
        https://bugzilla.redhat.com/show_bug.cgi?id=902998
--------------------------------------------------------------------------------


================================================================================
 libkscreen-0.0.81-1.fc17 (FEDORA-2013-4562)
 Display configuration library
--------------------------------------------------------------------------------
Update Information:

Update to 0.0.81
--------------------------------------------------------------------------------
ChangeLog:

* Wed Mar 27 2013 Dan Vrátil <dvratil@xxxxxxxxxx> - 1:0.0.81-1
- libkscreen 0.0.81
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1:0.0.71-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
--------------------------------------------------------------------------------


================================================================================
 mesa-demos-8.1.0-3.fc17 (FEDORA-2013-4551)
 Mesa demos
--------------------------------------------------------------------------------
Update Information:

mesa-demos 8.1.0
--------------------------------------------------------------------------------
ChangeLog:

* Wed Mar 27 2013 Adam Jackson <ajax@xxxxxxxxxx> 8.1.0-3
- Build with --as-needed so glxinfo doesn't needlessly drag in GLEW
* Wed Feb 27 2013 Adam Jackson <ajax@xxxxxxxxxx> 8.1.0-2
- Copy glxinfo to glxinfo%{__isa_bits}, to allow people to check that their
  compatibility drivers are working.
* Sun Feb 24 2013 Dave Airlie <airlied@xxxxxxxxxx> 8.1.0-1
- package upstream demos release 8.1.0 (mainly for new glxinfo)
* Tue Jan  8 2013 Tom Callaway <spot@xxxxxxxxxxxxxxxxx> - 8.0.1-1.20121218git6eef979
- update to 8.0.1 (git checkout from 20121218)
- update xdriinfo to 1.0.4
- remove non-free files (bz892925)
* Thu Dec 13 2012 Adam Jackson <ajax@xxxxxxxxxx> - 7.10-9.20101028
- Rebuild for glew 1.9.0
* Fri Jul 27 2012 Kalev Lember <kalevlember@xxxxxxxxx> - 7.10-8.20101028
- Rebuilt for GLEW soname bump
* Fri Jul 20 2012 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 7.10-7.20101028
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
--------------------------------------------------------------------------------


================================================================================
 mongodb-2.2.3-4.fc17 (FEDORA-2013-4531)
 High-performance, schema-free document-oriented database
--------------------------------------------------------------------------------
Update Information:

Fix for CVE-2013-1892
--------------------------------------------------------------------------------
ChangeLog:

* Wed Mar 27 2013 Troy Dawson <tdawson@xxxxxxxxxx> - 2.2.3-4
- Fix for CVE-2013-1892
* Sun Feb 10 2013 Denis Arnaud <denis.arnaud_fedora@xxxxxxx> - 2.2.3-3
- Rebuild for Boost-1.53.0
* Sat Feb  9 2013 Denis Arnaud <denis.arnaud_fedora@xxxxxxx> - 2.2.3-2
- Rebuild for Boost-1.53.0
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #928193 - CVE-2013-1892 MongoDB: Server Side JavaScript Includes allow Remote Code Execution [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=928193
--------------------------------------------------------------------------------


================================================================================
 privoxy-3.0.21-2.fc17 (FEDORA-2013-4563)
 Privacy enhancing proxy
--------------------------------------------------------------------------------
Update Information:

Ad user.filter only if missing.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Mar 27 2013 Jon Ciesla <limburgher@xxxxxxxxx> - 3.0.21-2
- Create user.filter if it doesn't exist, BZ 926019.
- Add user.filter, BZ 896753.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #926019 - fails to start
        https://bugzilla.redhat.com/show_bug.cgi?id=926019
--------------------------------------------------------------------------------


================================================================================
 python-moksha-hub-1.2.0-1.fc17 (FEDORA-2013-4561)
 Hub components for Moksha
--------------------------------------------------------------------------------
Update Information:

Latest upstream with cleaning and reorganization.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Mar 26 2013 Ralph Bean <rbean@xxxxxxxxxx> - 1.2.0-1
- Latest upstream.
- Removed websocket tests until this review is complete:
  https://bugzilla.redhat.com/show_bug.cgi?id=909644
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.1.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
--------------------------------------------------------------------------------


================================================================================
 python-txzmq-0.6.1-5.fc17 (FEDORA-2013-4552)
 Twisted bindings for ZeroMQ
--------------------------------------------------------------------------------
Update Information:

Patches to support the latest pyzmq when it arrives.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Mar 27 2013 Ralph Bean <rbean@xxxxxxxxxx> - 0.6.1-5
- Added three patches to support old and new pyzmq.
- More explicit file ownership in %{python_sitelib}.
- Removed some trailing whitespace.
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 0.6.1-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
--------------------------------------------------------------------------------


================================================================================
 qpid-proton-0.4-2.fc17 (FEDORA-2013-4526)
 A high performance, lightweight messaging library
--------------------------------------------------------------------------------
Update Information:

Moved the C code to the qpid-proton-c subpackage.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Mar 28 2013 Darryl L. Pierce <dpierce@xxxxxxxxxx> - 0.4-2
- Moved all C libraries to the new qpid-proton-c subpackage.
--------------------------------------------------------------------------------


================================================================================
 roundcubemail-0.8.6-1.fc17 (FEDORA-2013-4536)
 Round Cube Webmail is a browser-based multilingual IMAP client
--------------------------------------------------------------------------------
Update Information:

Fix for local file inclusion via web UI modification of certain config options.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Mar 28 2013 Jon Ciesla <limburgher@xxxxxxxxx> - 0.8.6-1
- Latest upstream, fixes local file inclusion via web UI
- modification of certain config options.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #928836 - roundcubemail: Local file inclusion via web UI modification of certain config options [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=928836
  [ 2 ] Bug #928837 - roundcubemail: Local file inclusion via web UI modification of certain config options [epel-6]
        https://bugzilla.redhat.com/show_bug.cgi?id=928837
--------------------------------------------------------------------------------


================================================================================
 rubygem-nokogiri-1.5.9-1.fc17 (FEDORA-2013-4547)
 An HTML, XML, SAX, and Reader parser
--------------------------------------------------------------------------------
Update Information:

New version 1.5.9 is released.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Mar 28 2013 Mamoru TASAKA <mtasaka@xxxxxxxxxxxxxxxxx> - 1.5.9-1
- 1.5.9
* Tue Mar 26 2013 Vít Ondruch <vondruch@xxxxxxxxxx> - 1.5.6-3
- Use %{gem_extdir_mri} instead of %{gem_extdir}.
* Sat Feb 23 2013 Vít Ondruch <vondruch@xxxxxxxxxx> - 1.5.6-2
- Rebuild for https://fedoraproject.org/wiki/Features/Ruby_2.0.0
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng@xxxxxxxxxxxxxxxxxxxxxxx> - 1.5.6-1.2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
--------------------------------------------------------------------------------


================================================================================
 tzdata-2013b-2.fc17 (FEDORA-2013-4569)
 Timezone data
--------------------------------------------------------------------------------
Update Information:

- Palestine starts Daylight Saving Time on March 29, 2013
--------------------------------------------------------------------------------
ChangeLog:

* Wed Mar 27 2013 Petr Machata <pmachata@xxxxxxxxxx> - 2013b-2
- Palestine starts Daylight Saving Time on March 29, 2013
  (tzdata-2013b-gaza.patch)
--------------------------------------------------------------------------------


================================================================================
 valyriatear-0.5.0-4.fc17 (FEDORA-2013-4534)
 Valyria Tear is a free 2D J-RPG based on the Hero of Allacrost engine
--------------------------------------------------------------------------------
Update Information:

Fixed a crash in the inventory window
--------------------------------------------------------------------------------
ChangeLog:

* Thu Mar 28 2013 Erik Schilling <ablu.erikschilling@xxxxxxxxxxxxxx> 0.5.0-4
- Fixed serious crash in the inventory (redhat bug: #928608)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #928608 - The game valyriatear gets segmentation fault when shopping.
        https://bugzilla.redhat.com/show_bug.cgi?id=928608
--------------------------------------------------------------------------------


================================================================================
 xorg-x11-drv-openchrome-0.3.2-1.fc17 (FEDORA-2013-4527)
 Xorg X11 openchrome video driver
--------------------------------------------------------------------------------
Update Information:

Update to latest upstream release.
For details, see http://cgit.freedesktop.org/openchrome/xf86-video-openchrome/tree/NEWS?id=release_0_3_2
--------------------------------------------------------------------------------
ChangeLog:

* Wed Mar 27 2013 Xavier Bachelot <xavier@xxxxxxxxxxxx> - 0.3.2-1
- Update to 0.3.2.
- Remove old --enable-dri configure switch.
- Change Source0 URL to fd.o.
* Thu Mar  7 2013 Peter Hutterer <peter.hutterer@xxxxxxxxxx> - 0.3.1-5
- ABI rebuild
* Fri Feb 15 2013 Peter Hutterer <peter.hutterer@xxxxxxxxxx> - 0.3.1-4
- ABI rebuild
* Fri Feb 15 2013 Peter Hutterer <peter.hutterer@xxxxxxxxxx> - 0.3.1-3
- ABI rebuild
* Thu Jan 10 2013 Adam Jackson <ajax@xxxxxxxxxx> - 0.3.1-2
- ABI rebuild
* Tue Sep  4 2012 Xavier Bachelot <xavier@xxxxxxxxxxxx> - 0.3.1-1
- Update to 0.3.1.
* Sun Aug  5 2012 Xavier Bachelot <xavier@xxxxxxxxxxxx> - 0.3.0-2
- Update to latest snapshot to fix a crash in I2C code with Xserver 1.13.
* Fri Jul 20 2012 Xavier Bachelot <xavier@xxxxxxxxxxxx> - 0.3.0-1
- Update to 0.3.0.
- Install registers dumper tool.
* Fri Jul 20 2012 Dave Airlie <airlied@xxxxxxxxxx> 0.2.906-2
- temporary git snapshot, to fix deps after X server rebuild
--------------------------------------------------------------------------------

-- 
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe:
https://admin.fedoraproject.org/mailman/listinfo/test





[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Photo Sharing]     [Yosemite Forum]     [KDE Users]

  Powered by Linux